package com.qf.fronted.controller;

import com.qf.fronted.domain.Data;
import com.qf.fronted.domain.SmsCode;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.CrossOrigin;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.ResponseBody;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;

/**
 * 用户在注册页面，填写完电话和验证码之后，点击 “下一步” 按钮的触发的。
 */
@Controller
@CrossOrigin(origins = "*")  //跨域配置
public class ValidateCodeAndPhoneController {

    @RequestMapping("/validate")
    @ResponseBody
    public Data getValidateCodeAndPhone(String validateCode, String phone, HttpServletRequest req) {
        HttpSession session = req.getSession();
        SmsCode smsCode = (SmsCode) session.getAttribute("smsCode");
        Data data = null;

        if (null == smsCode || !smsCode.getCode().equals(validateCode)) { //用户没有验证码
            data = new Data(-2, "验证码错误.");
            return data;
        }

        if (!smsCode.isExpire()) { //验证码过期了
            data = new Data(-1, "验证码过期.");
            return data;
        }

        // 验证正确，但是手机号不正确, 属于高危风控
        if (smsCode.getCode().equals(validateCode) && !smsCode.getPhone().equals(phone)) {
            data = new Data(-3, "系统有检测到您有恶意注册行为.");
            // TODO 在实际工作中，要将原本的手机推送到风控系统
            return data;
        }

        data = new Data(1, "success");
        return data;
    }
}
